def test_get_mandatory(self):
# wrong key
with self.assertRaises(cfy_exc.NonRecoverableError):
vcloud_plugin_common.get_mandatory({"a": "b"}, "c")
# empty key
with self.assertRaises(cfy_exc.NonRecoverableError):
vcloud_plugin_common.get_mandatory({"a": None}, "a")
# everything fine
self.assertEqual(vcloud_plugin_common.get_mandatory({"a": "b"}, "a"), "b")
def test_get_mandatory(self):
# wrong key
with self.assertRaises(cfy_exc.NonRecoverableError):
vcloud_plugin_common.get_mandatory({'a': 'b'}, 'c')
# empty key
with self.assertRaises(cfy_exc.NonRecoverableError):
vcloud_plugin_common.get_mandatory({'a': None}, 'a')
# everything fine
self.assertEqual(vcloud_plugin_common.get_mandatory({'a': 'b'}, 'a'),
'b')
def creation_validation(vca_client, **kwargs):
floatingip = get_mandatory(ctx.node.properties, 'floatingip')
edge_gateway = get_mandatory(floatingip, 'edge_gateway')
gateway = get_gateway(vca_client, edge_gateway)
service_type = get_vcloud_config().get('service_type')
public_ip = floatingip.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
CheckAssignedExternalIp(public_ip, gateway)
else:
if is_subscription(service_type):
getFreeIP(gateway)
def creation_validation(vca_client, **kwargs):
"""
validate firewall rules for node
"""
getaway = get_gateway(
vca_client, _get_gateway_name(ctx.node.properties)
)
if not getaway.is_fw_enabled():
raise cfy_exc.NonRecoverableError(
"Gateway firewall is disabled. Please, enable firewall.")
rules = get_mandatory(ctx.node.properties, 'rules')
for rule in rules:
description = rule.get("description")
if description and not isinstance(description, basestring):
raise cfy_exc.NonRecoverableError(
"Parameter 'description' must be string.")
source = rule.get("source")
if source:
if not isinstance(source, basestring):
raise cfy_exc.NonRecoverableError(
"Parameter 'source' must be valid IP address string.")
if not _is_literal_ip(source):
check_ip(source)
utils.check_port(rule.get('source_port'))
destination = rule.get('destination')
if destination:
if not isinstance(destination, basestring):
raise cfy_exc.NonRecoverableError(
"Parameter 'destination' must be valid IP address string.")
if not _is_literal_ip(destination):
check_ip(destination)
utils.check_port(rule.get('destination_port'))
utils.check_protocol(rule.get('protocol'))
action = get_mandatory(rule, "action")
if (not isinstance(action, basestring)
or action.lower() not in ACTIONS):
raise cfy_exc.NonRecoverableError(
"Action must be on of{0}.".format(ACTIONS))
log = rule.get('log_traffic')
if log and not isinstance(log, bool):
raise cfy_exc.NonRecoverableError(
"Parameter 'log_traffic' must be boolean.")
def creation_validation(vca_client, **kwargs):
"""
validate firewall rules for node
"""
getaway = get_gateway(
vca_client, _get_gateway_name(ctx.node.properties)
)
if not getaway.is_fw_enabled():
raise cfy_exc.NonRecoverableError(
"Gateway firewall is disabled. Please, enable firewall.")
rules = get_mandatory(ctx.node.properties, 'rules')
for rule in rules:
description = rule.get("description")
if description and not isinstance(description, basestring):
raise cfy_exc.NonRecoverableError(
"Parameter 'description' must be string.")
source = rule.get("source")
if source:
if not isinstance(source, basestring):
raise cfy_exc.NonRecoverableError(
"Parameter 'source' must be valid IP address string.")
if not _is_literal_ip(source):
check_ip(source)
utils.check_port(rule.get('source_port'))
destination = rule.get('destination')
if destination:
if not isinstance(destination, basestring):
raise cfy_exc.NonRecoverableError(
"Parameter 'destination' must be valid IP address string.")
if not _is_literal_ip(destination):
check_ip(destination)
utils.check_port(rule.get('destination_port'))
utils.check_protocol(rule.get('protocol'))
action = get_mandatory(rule, "action")
if (not isinstance(action, basestring)
or action.lower() not in ACTIONS):
raise cfy_exc.NonRecoverableError(
"Action must be on of{0}.".format(ACTIONS))
log = rule.get('log_traffic')
if log and not isinstance(log, bool):
raise cfy_exc.NonRecoverableError(
"Parameter 'log_traffic' must be boolean.")
def test_get_mandatory(self):
# wrong key
with self.assertRaises(cfy_exc.NonRecoverableError):
vcloud_plugin_common.get_mandatory(
{'a': 'b'}, 'c'
)
# empty key
with self.assertRaises(cfy_exc.NonRecoverableError):
vcloud_plugin_common.get_mandatory(
{'a': None}, 'a'
)
# everything fine
self.assertEqual(
vcloud_plugin_common.get_mandatory({
'a': 'b'
}, 'a'),
'b'
)
def creation_validation(vca_client, **kwargs):
nat = get_mandatory(ctx.node.properties, 'nat')
rules = get_mandatory(ctx.node.properties, 'rules')
gateway = get_gateway(vca_client, get_mandatory(nat, 'edge_gateway'))
service_type = get_vcloud_config().get('service_type')
public_ip = nat.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
CheckAssignedExternalIp(public_ip, gateway)
else:
if isSubscription(service_type):
getFreeIP(gateway)
check_protocol(rules.get('protocol', "any"))
original_port = rules.get('original_port')
if original_port and not isinstance(original_port, int):
raise cfy_exc.NonRecoverableError("Parameter 'original_port' must be integer")
translated_port = rules.get('translated_port')
if translated_port and not isinstance(translated_port, int):
raise cfy_exc.NonRecoverableError("Parameter 'translated_port' must be integer")
def creation_validation(vca_client, **kwargs):
port = get_mandatory(ctx.node.properties, 'port')
ip_allocation_mode = port.get('ip_allocation_mode')
if ip_allocation_mode:
if ip_allocation_mode.lower() not in ['manual', 'dhcp', 'pool']:
raise cfy_exc.NonRecoverableError(
"Unknown allocation mode {0}".format(ip_allocation_mode))
ip_address = port.get('ip_address')
if ip_address:
check_ip(ip_address)
def creation_validation(vca_client, **kwargs):
"""
check volume description
"""
vdc_name = get_vcloud_config()['vdc']
disks_names = [
disk.name for [disk, _vms] in vca_client.get_disks(vdc_name)
]
if ctx.node.properties.get('use_external_resource'):
resource_id = get_mandatory(ctx.node.properties, 'resource_id')
if resource_id not in disks_names:
raise cfy_exc.NonRecoverableError(
"Disk {} does't exists".format(resource_id))
else:
volume = get_mandatory(ctx.node.properties, 'volume')
name = get_mandatory(volume, 'name')
if name in disks_names:
raise cfy_exc.NonRecoverableError(
"Disk {} already exists".format(name))
get_mandatory(volume, 'size')
def creation_validation(vca_client, **kwargs):
"""
check volume description
"""
vdc_name = get_vcloud_config()['vdc']
disks_names = [
disk.name for [disk, _vms] in vca_client.get_disks(vdc_name)
]
if ctx.node.properties.get('use_external_resource'):
resource_id = get_mandatory(ctx.node.properties, 'resource_id')
if resource_id not in disks_names:
raise cfy_exc.NonRecoverableError(
"Disk {} does't exists".format(resource_id))
else:
volume = get_mandatory(ctx.node.properties, 'volume')
name = get_mandatory(volume, 'name')
if name in disks_names:
raise cfy_exc.NonRecoverableError(
"Disk {} already exists".format(name))
get_mandatory(volume, 'size')
def creation_validation(vca_client, **kwargs):
nat = get_mandatory(ctx.node.properties, 'nat')
rules = get_mandatory(ctx.node.properties, 'rules')
gateway = get_gateway(vca_client, get_mandatory(nat, 'edge_gateway'))
service_type = get_vcloud_config().get('service_type')
public_ip = nat.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
CheckAssignedExternalIp(public_ip, gateway)
else:
if isSubscription(service_type):
getFreeIP(gateway)
check_protocol(rules.get('protocol', "any"))
original_port = rules.get('original_port')
if original_port and not isinstance(original_port, int):
raise cfy_exc.NonRecoverableError(
"Parameter 'original_port' must be integer")
translated_port = rules.get('translated_port')
if translated_port and not isinstance(translated_port, int):
raise cfy_exc.NonRecoverableError(
"Parameter 'translated_port' must be integer")
def creation_validation(vca_client, **kwargs):
"""
validate node context,
fields from floatingip dict:
* edge_gateway - mandatory,
* public_ip - prefered ip for node, can be empty
fields from vcloud_config:
* service_type - ondemand, subscription
also check availability of public ip if set or exist some free
ip in subscription case
"""
floatingip = get_mandatory(ctx.node.properties, 'floatingip')
edge_gateway = get_mandatory(floatingip, 'edge_gateway')
gateway = get_gateway(vca_client, edge_gateway)
service_type = get_vcloud_config().get('service_type')
public_ip = floatingip.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
CheckAssignedExternalIp(public_ip, gateway)
else:
if is_subscription(service_type):
getFreeIP(gateway)
def creation_validation(vca_client, **kwargs):
"""
validate node context,
fields from floatingip dict:
* edge_gateway - mandatory,
* public_ip - prefered ip for node, can be empty
fields from vcloud_config:
* service_type - ondemand, subscription
also check availability of public ip if set or exist some free
ip in subscription case
"""
floatingip = get_mandatory(ctx.node.properties, 'floatingip')
edge_gateway = get_mandatory(floatingip, 'edge_gateway')
gateway = get_gateway(vca_client, edge_gateway)
service_type = get_vcloud_config().get('service_type')
public_ip = floatingip.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
CheckAssignedExternalIp(public_ip, gateway)
else:
if is_subscription(service_type):
getFreeIP(gateway)
def creation_validation(vca_client, **kwargs):
"""
validate port settings,
ip_allocation_mode must be in 'manual', 'dhcp', 'pool',
and valid ip_address if set
"""
port = get_mandatory(ctx.node.properties, "port")
ip_allocation_mode = port.get("ip_allocation_mode")
if ip_allocation_mode:
if ip_allocation_mode.lower() not in ["manual", "dhcp", "pool"]:
raise cfy_exc.NonRecoverableError("Unknown allocation mode {0}".format(ip_allocation_mode))
ip_address = port.get("ip_address")
if ip_address:
check_ip(ip_address)
def creation_validation(vca_client, **kwargs):
"""
validate nat rules in node properties
"""
nat = get_mandatory(ctx.node.properties, 'nat')
gateway = get_gateway(vca_client, get_mandatory(nat, 'edge_gateway'))
service_type = get_vcloud_config().get('service_type')
public_ip = nat.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
else:
if is_subscription(service_type):
getFreeIP(gateway)
for rule in get_mandatory(ctx.node.properties, 'rules'):
if rule['type'] == "DNAT":
utils.check_protocol(rule.get('protocol'))
original_port = rule.get('original_port')
if original_port and not isinstance(original_port, int):
raise cfy_exc.NonRecoverableError(
"Parameter 'original_port' must be integer")
translated_port = rule.get('translated_port')
if translated_port and not isinstance(translated_port, int):
raise cfy_exc.NonRecoverableError(
"Parameter 'translated_port' must be integer")
def creation_validation(vca_client, **kwargs):
"""
validate port settings,
ip_allocation_mode must be in 'manual', 'dhcp', 'pool',
and valid ip_address if set
"""
port = get_mandatory(ctx.node.properties, 'port')
ip_allocation_mode = port.get('ip_allocation_mode')
if ip_allocation_mode:
if ip_allocation_mode.lower() not in ['manual', 'dhcp', 'pool']:
raise cfy_exc.NonRecoverableError(
"Unknown allocation mode {0}".format(ip_allocation_mode))
ip_address = port.get('ip_address')
if ip_address:
check_ip(ip_address)
def creation_validation(vca_client, **kwargs):
"""
validate nat rules in node properties
"""
nat = get_mandatory(ctx.node.properties, 'nat')
gateway = get_gateway(vca_client, get_mandatory(nat, 'edge_gateway'))
service_type = get_vcloud_config().get('service_type')
public_ip = nat.get(PUBLIC_IP)
if public_ip:
check_ip(public_ip)
else:
if is_subscription(service_type):
getFreeIP(gateway)
for rule in get_mandatory(ctx.node.properties, 'rules'):
if rule['type'] == "DNAT":
utils.check_protocol(rule.get('protocol'))
original_port = rule.get('original_port')
if original_port and not isinstance(original_port, int):
raise cfy_exc.NonRecoverableError(
"Parameter 'original_port' must be integer")
translated_port = rule.get('translated_port')
if translated_port and not isinstance(translated_port, int):
raise cfy_exc.NonRecoverableError(
"Parameter 'translated_port' must be integer")
def creation_validation(vca_client, **kwargs):
"""
check network description from node description
"""
network_name = get_network_name(ctx.node.properties)
ctx.logger.info(
"Validation cloudify.vcloud.nodes.Network node: {0}".format(
network_name))
if is_network_exists(vca_client, network_name):
if ctx.node.properties.get('use_external_resource'):
# TODO: check: default gateway must exists
return
else:
raise cfy_exc.NonRecoverableError(
"Network already exsists: {0}".format(network_name))
net_prop = get_mandatory(ctx.node.properties, "network")
gateway_name = get_mandatory(net_prop, 'edge_gateway')
if not vca_client.get_gateway(get_vcloud_config()['vdc'], gateway_name):
raise cfy_exc.NonRecoverableError(
"Gateway {0} not found".format(gateway_name))
static_ip = _split_adresses(get_mandatory(net_prop, 'static_range'))
check_ip(static_ip.start)
check_ip(static_ip.end)
dns_list = net_prop.get("dns")
if dns_list:
for ip in dns_list:
check_ip(ip)
gateway_ip = check_ip(get_mandatory(net_prop, "gateway_ip"))
netmask = check_ip(get_mandatory(net_prop, "netmask"))
ips = [gateway_ip, static_ip.start, static_ip.end]
dhcp = net_prop.get("dhcp")
if dhcp:
dhcp_range = get_mandatory(net_prop["dhcp"], "dhcp_range")
dhcp_ip = _split_adresses(dhcp_range)
if not is_separate_ranges(static_ip, dhcp_ip):
raise cfy_exc.NonRecoverableError(
"Static_range and dhcp_range is overlapped.")
ips.extend([dhcp_ip.start, dhcp_ip.end])
if not is_ips_in_same_subnet(ips, netmask):
raise cfy_exc.NonRecoverableError("IP addresses in different subnets.")
def creation_validation(vca_client, **kwargs):
"""
check network description from node description
"""
network_name = get_network_name(ctx.node.properties)
ctx.logger.info("Validation cloudify.vcloud.nodes.Network node: {0}"
.format(network_name))
if is_network_exists(vca_client, network_name):
if ctx.node.properties.get('use_external_resource'):
# TODO: check: default gateway must exists
return
else:
raise cfy_exc.NonRecoverableError(
"Network already exsists: {0}".format(network_name))
net_prop = get_mandatory(ctx.node.properties, "network")
gateway_name = get_mandatory(net_prop, 'edge_gateway')
if not vca_client.get_gateway(get_vcloud_config()['vdc'], gateway_name):
raise cfy_exc.NonRecoverableError(
"Gateway {0} not found".format(gateway_name))
static_ip = _split_adresses(get_mandatory(net_prop, 'static_range'))
check_ip(static_ip.start)
check_ip(static_ip.end)
dns_list = net_prop.get("dns")
if dns_list:
for ip in dns_list:
check_ip(ip)
gateway_ip = check_ip(get_mandatory(net_prop, "gateway_ip"))
netmask = check_ip(get_mandatory(net_prop, "netmask"))
ips = [gateway_ip, static_ip.start, static_ip.end]
dhcp = net_prop.get("dhcp")
if dhcp:
dhcp_range = get_mandatory(net_prop["dhcp"], "dhcp_range")
dhcp_ip = _split_adresses(dhcp_range)
if not is_separate_ranges(static_ip, dhcp_ip):
raise cfy_exc.NonRecoverableError(
"Static_range and dhcp_range is overlapped.")
ips.extend([dhcp_ip.start, dhcp_ip.end])
if not is_ips_in_same_subnet(ips, netmask):
raise cfy_exc.NonRecoverableError(
"IP addresses in different subnets.")
